Businesses are becoming increasingly focussed in deriving value from information, that is to say, meaning that has been extracted from data. At the same time businesses are increasingly becoming distributed, geographically, which means that there is a need to transfer data and/or information between different companies (or between operating units of a given company), and thus between sites that are physically distinct from the source of the data.
Transfer of data can occur via several different channels, such as electronically (e.g. via the file transfer protocols, via email or other messaging mechanism), or by copying data onto a storage media and transporting the storage media to the site associated with the recipient. Whilst these channels provide a convenient way of transferring information between parties, they also introduce problems, mainly relating to security and data loss. For example, in the case of transportation of the storage media, there are issues associated with the reliability of the transportation service, both in terms of delivery (will the media reach the recipient?), security (will the media have been tampered with prior to reaching the recipient?), and related thereto, data loss (will the content of the media have been modified or deleted?).
Several workers have developed tools in an attempt to address the problem of security in the context of data protection: typically these tools protect data from outsiders who try to gain unauthorized access to sensitive data and also safeguard against intentional and accidental data leaks of data from a corporation. In addition, workers in the field of digital rights, or copy protection, have developed many methods for validating access to media to ensure that the media being accessed is an authorized version rather than an unauthorized copy. These methods include associating media items or media storage devices with unique identifiers and storing the identifiers centrally and applying a concept of first to access a media item; typically the methods are implemented within a client-server arrangement which validates requests on the basis of the identity of the media item/storage device and requesting user identity. U.S. Pat. No. 6,952,697 describes such a system.
Whilst these methods address authentication of data, none of them provides a solution that addresses the issues of data leakage during transportation of data from sender to destination.